package com.jlsoft.config.rbac;

import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.jlsoft.config.CustomUser;
import com.jlsoft.entity.Permission;
import com.jlsoft.entity.RolePermission;
import com.jlsoft.service.IPermissionService;
import com.jlsoft.service.IRolePermissionService;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

/**
 *
 */
@Component(value = "rbacService")
@Slf4j
@SuppressWarnings("all")
public class RbacServiceImpl implements RbacService {
    private Logger logger = LoggerFactory.getLogger(getClass());

    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    @Autowired
    private IRolePermissionService rolePermissionService;

    @Autowired
    private IPermissionService permissionService;

    @Override
    public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
        String requestUrl = request.getRequestURI();
        Object principle = authentication.getPrincipal();
        boolean hasPermission = false;
        if (principle instanceof UserDetails) {
            CustomUser userDetails = ((CustomUser) principle);
            Collection<GrantedAuthority> authorities = (Collection<GrantedAuthority>) userDetails.getAuthorities();

            //当前用户角色权限中间表实体集合
            List<RolePermission> rolePermissionList = rolePermissionService.selectList(new EntityWrapper<RolePermission>()
                .in("role_id", userDetails.getRoles().stream().map(item -> item.getId()).collect(Collectors.toList()))
            );

            //当前用户权限Url配合集合
           List<String> urls = permissionService.selectList(new EntityWrapper<Permission>()
                .in("id", rolePermissionList.stream().map(item -> item.getPermissionId()).collect(Collectors.toList()))
            ).stream().map(item -> item.getUrl()).collect(Collectors.toList());


            //主页 和 当前用户信息能 自由访问
            if ("/me".equals(requestUrl)) {
                return true;
            }

            if ("/webme".equals(requestUrl)) {
                return true;
            }

            /*String[] urls = new String[]{};
            if("super".equals(userDetails.getUsername())) {
                urls = new String[]{"/admin/**","/user/**"};
            }else if("admin".equals(userDetails.getUsername())) {
                urls = new String[]{"/admin/**"};
            }else if("user".equals(userDetails.getUsername())) {
                urls = new String[]{"/user/**"};
            }*/


            for (String url : urls) {
                boolean result = antPathMatcher.match(url, request.getRequestURI());
                if (result) {
                    hasPermission = true;
                    break;
                }
            }
        }
        return hasPermission;
    }



}
